Investigatory Powers Bill (Second sitting) Debate
Full Debate: Read Full DebateMatt Warman
Main Page: Matt Warman (Conservative - Boston and Skegness)Department Debates - View all Matt Warman's debates with the Home Office
(8 years, 8 months ago)
Public Bill CommitteesQ Under the terms of the Bill, you are being asked to collect a large amount of data, some of which will be quite personal and some private. How confident are you of BT’s capability in terms of maintaining the security of those data from hacking or theft, particularly bearing in mind the fact that other communications service providers have been hacked into? When you consider the rest of the industry more broadly—without naming names—do you think BT is in a stronger position than other CSPs to maintain security against hacking or theft where there might be vulnerabilities elsewhere?
Mark Hughes: The security of any data we hold and retain is clearly a matter that we take extremely seriously. That is of the utmost seriousness for our organisation for any type of data. The type of data that the Bill refers to specifically is, though, perhaps different from other types of data that need to be interfacing the public on a bigger scale, for example. This is not that type of data; it is going to be restricted and allowed to be viewed by only very few individuals who have the correct authority to be able to get to the data when they need to.
The level of security applied to this type of data is clearly factored into the type of data that is being retained, so we have to put very significant security measures around it to ensure that the access is controlled properly and that the data are very secure when stored. That absolutely has to be factored into the cost and the way we operate. It is not something new. We are currently subject to laws and regulations under which we have to make sensitive data available, so we are used to doing it, but that clearly has to be factor in for, for example, some of the new datasets we are potentially going to be asked to retain under the Bill.
Q On the Joint Committee on the draft Bill and on the Science and Technology Committee, we heard CSPs talking about the level of engagement they have had from the Home Office, and we have heard from the Home Office that that has increased recently. That seems to tally with what you are saying. Could you give us a sense of the scale and extent of that engagement, and some reassurance that, in this fast-moving world, you are confident that the relationship is such that that engagement would be there in future as well, rather than it just being about getting the Bill to this stage?
Mark Hughes: We have had extensive periods of consultation and meetings on a very frequent basis. The Home Secretary has invited many of us representatives of the CSP community to meetings with her on two occasions before this, as well as to many working-level meetings with various Home Office officials. We discussed the technical, legal and procedural points about the proposed legislation as well, which is markedly different from how things have been before.
On the point about the future, which is important here, the Bill itself clearly specifies and puts in place a regime whereby consultation is enshrined in the legislation through the consultation process that has to happen before a notice is issued and, indeed, because the reconstituted technical advisory board can be called to come together at any time. That power did not exist in the past. The consultation is in a better place and I think that the Bill itself will help to ensure that that continues in future, because it will be a point of law.
Q Is everything in the Bill technically deliverable?
Mark Hughes: There is nothing that we have yet come across that we think is technically not deliverable. However, I will caveat that by saying that we provide many different services. There are different service providers that do different types of things and operate their communications networks differently from us. I can only really comment on BT and our networks, both mobile and fixed, but from where we are coming from it is—
Q When you were standing up in the House of Commons at the Dispatch Box explaining what the security services and the police were doing, how important was your personal oversight of that, as opposed to just a judge doing it by themselves?
Charles Clarke: The implication of your point I could not agree with more. My personal experience was very important. It did lead me, personally, directly to have relations with the individuals in the security services who were involved with these things, and I think that helped my whole job as Home Secretary.
Q You talked about updating the legislation and the importance of that. Do you see an internet connection record or something equivalent to it as a key part of updating this legislation for the world we live in now?
Charles Clarke: I do personally, yes.
Lord Reid: I do as well. Not to test the Committee, but two years after 7/7, on 6 August 2006, there was a plot to bring down seven airliners. There would have been 2,500 victims, and intercept was absolutely essential in protecting those lives—absolutely essential—with both the internet and telephone communications.
Q It has been raised before, but some witnesses have said that warrantry should be solely within the Executive function—
Lord Reid: What, sorry?